Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/239a8e-90d8-43bd-90ed-3e34d00732a3/1/KmeC7Zvcb3Z90zXzFggcQw9rt9A.roa
File: KmeC7Zvcb3Z90zXzFggcQw9rt9A.roa (raw, json)
Hash identifier: VhBQttHRJXIPAyKWldnzfNTixcfzO8edvWe74/Y3bc4=
Subject key identifier: 2A:67:82:ED:9B:DC:6F:76:7D:D3:35:F3:16:08:1C:43:0F:6B:B7:D0
Certificate issuer: /CN=3cb1cc975c218f16686b0841edfc309cca746a7b
Certificate serial: 0193BF4A5EB8079660FADE1C35CE24A70342
Authority key identifier: 3C:B1:CC:97:5C:21:8F:16:68:6B:08:41:ED:FC:30:9C:CA:74:6A:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PLHMl1whjxZoawhB7fwwnMp0ans.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/239a8e-90d8-43bd-90ed-3e34d00732a3/1/KmeC7Zvcb3Z90zXzFggcQw9rt9A.roa
Signing time: Fri 13 Dec 2024 09:12:22 +0000
ROA not before: Fri 13 Dec 2024 09:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198984
IP address blocks: 45.155.148.0/22 maxlen: 22
91.239.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bf:4a:5e:b8:07:96:60:fa:de:1c:35:ce:24:a7:03:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cb1cc975c218f16686b0841edfc309cca746a7b
Validity
Not Before: Dec 13 09:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a6782ed9bdc6f767dd335f316081c430f6bb7d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7c:d9:f2:2c:a6:2b:98:ed:41:65:43:64:55:
db:6e:f4:db:02:53:66:10:9d:e0:1d:ee:1e:ed:d1:
e3:a2:b3:a7:14:a5:4e:96:d6:9e:b5:d1:1e:8b:49:
56:d6:de:85:4f:7a:9a:30:82:46:50:9e:99:b9:03:
37:99:ab:63:53:3f:33:71:f1:c0:a6:58:8d:f1:d9:
ec:83:29:d7:b2:75:c2:8a:4f:d8:dd:fd:19:45:3f:
0c:6e:b3:db:d1:a0:e0:84:13:91:59:d5:be:9b:99:
cc:5b:11:01:af:d8:14:93:52:7d:7c:6b:a9:07:27:
26:66:fa:9b:b3:76:c6:5e:68:02:81:c7:70:70:95:
17:bf:59:a7:bd:e1:b2:3f:ee:9c:46:d2:95:df:00:
41:01:bf:3e:ec:4a:53:c3:14:27:d5:86:ef:14:83:
77:0c:97:d2:a2:47:c7:ea:3b:9e:a7:62:d0:92:77:
f5:e8:04:cb:3e:cc:fb:b3:04:98:87:b4:6d:9d:d6:
f7:8b:d2:73:84:e5:90:c0:b4:1b:ea:97:85:d8:90:
98:86:3c:0a:51:bd:4e:aa:15:aa:31:68:28:12:72:
a1:ad:c0:01:4b:f1:41:51:a9:ff:e4:8a:e6:ad:aa:
72:ca:b6:d3:9f:af:81:5e:ea:cf:b4:ab:85:23:35:
8a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:67:82:ED:9B:DC:6F:76:7D:D3:35:F3:16:08:1C:43:0F:6B:B7:D0
X509v3 Authority Key Identifier:
keyid:3C:B1:CC:97:5C:21:8F:16:68:6B:08:41:ED:FC:30:9C:CA:74:6A:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PLHMl1whjxZoawhB7fwwnMp0ans.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/239a8e-90d8-43bd-90ed-3e34d00732a3/1/KmeC7Zvcb3Z90zXzFggcQw9rt9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/239a8e-90d8-43bd-90ed-3e34d00732a3/1/PLHMl1whjxZoawhB7fwwnMp0ans.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.148.0/22
91.239.152.0/22
Signature Algorithm: sha256WithRSAEncryption
28:b5:a7:b6:67:54:36:80:14:c7:68:46:76:b7:72:9d:41:56:
2e:71:2a:d7:2f:63:a9:b9:a5:28:12:9b:6f:38:bb:d7:b0:24:
54:f9:19:6f:8e:92:b2:90:99:b4:ab:98:1e:72:b2:75:04:9d:
1a:e7:66:78:40:f6:85:bf:e5:58:ad:58:f5:5c:d4:d2:8a:65:
0c:af:a5:68:1b:20:a0:7d:ae:cf:aa:81:41:a0:7e:88:bb:92:
a1:4e:7b:6e:13:f6:29:55:19:72:3d:a4:6a:4d:bc:88:08:16:
3f:8b:dc:45:76:5b:79:ef:de:46:07:dc:68:f7:80:36:fd:68:
48:0b:f7:42:52:60:a7:6d:de:3a:e5:f5:b5:25:e3:19:21:5f:
55:27:f8:fa:12:20:ae:ca:51:06:c8:6a:94:01:b1:54:dd:75:
a9:89:b0:41:aa:2f:88:cc:f1:f5:9f:06:fb:6d:ec:9c:a7:7d:
36:9f:d9:1f:d2:bc:05:88:40:6b:fd:35:c4:75:1c:c0:14:16:
91:dc:c6:e7:10:4c:d2:45:c4:20:b5:87:d7:64:8e:45:9c:f1:
3c:7a:f4:bb:3e:1d:ab:75:ca:13:db:32:39:99:4f:40:f4:cf:
dc:b3:45:96:69:53:64:96:92:08:eb:f1:6a:fb:cb:99:0e:b6:
79:fc:70:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZO/Sl64B5Zg+t4cNc4kpwNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYjFjYzk3NWMyMThmMTY2ODZiMDg0MWVkZmMzMDljY2E3
NDZhN2IwHhcNMjQxMjEzMDkxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY3ODJlZDliZGM2Zjc2N2RkMzM1ZjMxNjA4MWM0MzBmNmJiN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXzZ8iymK5jtQWVDZFXbbvTbAlNm
EJ3gHe4e7dHjorOnFKVOltaetdEei0lW1t6FT3qaMIJGUJ6ZuQM3matjUz8zcfHA
pliN8dnsgynXsnXCik/Y3f0ZRT8MbrPb0aDghBORWdW+m5nMWxEBr9gUk1J9fGup
BycmZvqbs3bGXmgCgcdwcJUXv1mnveGyP+6cRtKV3wBBAb8+7EpTwxQn1YbvFIN3
DJfSokfH6juep2LQknf16ATLPsz7swSYh7Rtndb3i9JzhOWQwLQb6peF2JCYhjwK
Ub1OqhWqMWgoEnKhrcABS/FBUan/5IrmrapyyrbTn6+BXurPtKuFIzWKWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCpngu2b3G92fdM18xYIHEMPa7fQMB8GA1UdIwQY
MBaAFDyxzJdcIY8WaGsIQe38MJzKdGp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUExITWwxd2hqeFpvYXdoQjdmd3duTXAwYW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8yMzlhOGUtOTBkOC00M2JkLTkwZWQt
M2UzNGQwMDczMmEzLzEvS21lQzdadmNiM1o5MHpYekZnZ2NRdzlydDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8yMzlhOGUtOTBkOC00M2JkLTkwZWQtM2UzNGQwMDczMmEz
LzEvUExITWwxd2hqeFpvYXdoQjdmd3duTXAwYW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZuUAwQC
W++YMA0GCSqGSIb3DQEBCwUAA4IBAQAotae2Z1Q2gBTHaEZ2t3KdQVYucSrXL2Op
uaUoEptvOLvXsCRU+RlvjpKykJm0q5gecrJ1BJ0a52Z4QPaFv+VYrVj1XNTSimUM
r6VoGyCgfa7PqoFBoH6Iu5KhTntuE/YpVRlyPaRqTbyICBY/i9xFdlt5795GB9xo
94A2/WhIC/dCUmCnbd465fW1JeMZIV9VJ/j6EiCuylEGyGqUAbFU3XWpibBBqi+I
zPH1nwb7beycp302n9kf0rwFiEBr/TXEdRzAFBaR3MbnEEzSRcQgtYfXZI5FnPE8
evS7Ph2rdcoT2zI5mU9A9M/cs0WWaVNklpII6/Fq+8uZDrZ5/HAb
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:31 2025 by rpki-client